DXE-2012 State Drift Observed in traffic_target.name attributes of gtm_property resource

[srumberger]

Terraform plan and apply show that the name of a traffic target within a property will be readded at each apply despite the name already being set for the traffic targets. This does not break the terraform but it would be nice to see it corrected as it clogs up the Terraform Plan.

Terraform Version

Terraform v1.3.6 Akamai v3.0.0

Affected Resource(s)

• akamai_gtm_property

Expected Behavior

During the Terraform plan the Terraform should have observed that traffic_target.name is already set for some of the traffic targets and say that the resource will not be changed.

Actual Behavior

The Terraform says that all of the akamai_gtm_property resources will be changed and each traffic target will have the traffic target name added to the resources, whether they are already set or not

Steps to Reproduce

1. create a gtm_property with a traffic target created with a given name
2. Terraform Apply
3. Terraform Plan

[dstopka]

Hello @srumberger! Thank you for reporting an issue. To allow me further investigation, I kindly ask you to provide answers to the following questions:

• Did this issue occur shortly after upgrading to v3.0.0?
• Does it occur on every consecutive terraform apply for the same terraform configuration or is it visible only during the first apply after upgrading to v3.0.0?

I'm looking forward to your answers and I will proceed with investigation after I receive them.

Best regards, Darek

[srumberger]

Hello @dstopka

We have only used v3.0.0 for our GTM Terraform. If you believe it may help, I can try to run a terraform apply using a prior version of the provided. We are also seeing this on every consecutive apply. We have not observed any instance where this does not occur.

Thank you, Sam

[dstopka]

Thanks for a quick response. We'll start the investigation and get back to you once we know more about this issue. We'll also let you know if we need any more information about this particular issue.

[srumberger]

Hello,

Wanted to provide an update as I have more clarification about the issue. To recreate the issue we populate the name parameter of the traffic_target block. After running a deploy we have observed that the name never gets added to the configuration in Akamai. After running a deploy, we downloaded a copy of the configuration from the Akamai Control Center GUI and found that the traffic_target name never got added. We believe this problem could be outside of the terraform provider and possibly with the Akamai API itself.

Thank you, Sam

[hypnotisttom]

Two additional discrepancies noted with this resource and the latest Provider version when referring to liveness tests:

1) peer_certificate_verification is not actually remaining in sync - if we leave the box unchecked in the GUI, the Provider is showing true, when in fact it is false. If we set the field to true via TF, it does not check the box in the GUI, nor does setting it to false uncheck the box - it appears that the value of the argument is not actually reflecting the value in the UI

2) Setting headers in the GUI does not reflect as drift in a Plan

[mgwoj]

Two additional discrepancies noted with this resource and the latest Provider version when referring to liveness tests:

1. peer_certificate_verification is not actually remaining in sync - if we leave the box unchecked in the GUI, the Provider is showing true, when in fact it is false. If we set the field to true via TF, it does not check the box in the GUI, nor does setting it to false uncheck the box - it appears that the value of the argument is not actually reflecting the value in the UI
2. Setting headers in the GUI does not reflect as drift in a Plan

If I understand properly, those are two additional issues not related to the original issue reported. If so, please create independent tickets for them for easier tracking.

[hypnotisttom]

If I understand properly, those are two additional issues not related to the original issue reported. If so, please create independent tickets for them for easier tracking.

No problem at all. I generalized the issue to being fields that were not properly being reflected between the TF and the UI in the same resource, but I'm more than happy to open them as separate issues. I will work on that and then tag here with the IDs.

[hypnotisttom]

I apologize - after further research, the peer_certificate_verification issue and the headers issue are believed to be a missed domain activation in the GUI prior to re-running the TF.

Sam's original "name" issue is still present and reproducible.

Tom

[mgwoj]

Thank you for clarifying the scope of the issue.

We will work on defining the timeline to investigate it further. It is very likely that the issue is on the API level, not the terraform provider.

[lkowalsk-akamai-com]

This issue was fixed in recent releases.

[hypnotisttom]

Hi @lkowalsk-akamai-com,

I'm not seeing the drift now, which is good, although:

1) I'm not seeing the traffic target name reflected in the UI after apply 2) I'm getting a deprecation notice on the property's name field, which seems to contradict the documentation, as the property's name is needed to form the property hostname

╷
│ Warning: Argument is deprecated
│ 
│   with akamai_gtm_property.this[0],
│   on main.tf line 16, in resource "akamai_gtm_property" "this":
│   16:   name                        = var.name
│ 
│ The attribute `name` has been deprecated. Any reads or writes on this attribute are ignored
│ 
│ (and 3 more similar warnings elsewhere)

[mgwoj]

Hello @hypnotisttom ,

Name field is deprecated, this fact will be reflected in the API and documentation soon (the work is in progress - GTM-594).

Thanks, Michal

[hypnotisttom]

Thanks - I'm little confused @mgwoj. There are two "name" fields - one for the traffic target and one for the property.

Are we saying the name field for the property is deprecated? If so, what do we set in its place to prepend to the domain name?

Regarding the traffic target name field, while I see it no longer creates drift, I'm also not seeing it reflected on the traffic targets in the UI, which is why we wanted to set the field to begin with. Can you confirm this?

Thanks,

Tom

[mgwoj]

Apologies for confusing you. My original answer was regarding name field in trafficTargets.

Regarding the second question, while I do not see content of main.tf file, I am sure that this message does not apply to akamai_gtm_property.name field because it is not deprecated, but rather to akamai_gtm_property.traffic_target.name which is indeed deprecated.

[hypnotisttom]

Thanks for the clarification. So it doesn't sound like we will be able to use the traffic target name field to reflect the name in the UI, given its deprecation.

The other piece of my confusion came from the fact the above Terraform deprecation message is specifically referring to line 16 which is the property name field in my main.tf, rather than the traffic target block.

I think I at least understand the expectation here. Thanks for clarifying. My apologies for misunderstanding.

[mgwoj]

That's right, you will not be able to set traffic target name field via Terraform (or API)